The Windows Communication Foundation (WCF) framework is used in almost all .NET development platforms: Windows clients, ASP.NET applications, Windows Phone, server-side applications, and Windows Azure; but have you ever wondered how WCF works? How you can extend it to your organization's needs? How to monitor its work? How to tune it for better performance and scalability? WCF is the second largest assembly in the .NET Framework and just as complex to understand.
In this 1-day workshop we will deep dive into WCF, learn how to monitor WCF services and how to troubleshoot them, how to tweak our services for better performance, how to secure them with transport and message security and discuss the pros and cons of each technique, and how to extend the WCF service pipeline to accommodate our needs.
1. Upgrade your WCF skills to "Expert"
(Advanced WCF Workshop)
Ido Flatow, Senior Architect
Sela Group
2. About Me
• Senior architect, Sela Group
• Co-author of:
– Developing Windows Azure and Web Services – Microsoft official course
– WCF 4 – Microsoft official course
– Pro .NET Performance – Apress
• Microsoft MVP
• Focus on server, services, and cloud technologies
• Manager of the Israeli Web Developers User Group
3. Agenda for Today
• Monitoring Services
• Performance Considerations
• WCF Security
• Extending the WCF Pipeline
Join the conversation on Twitter: @SoftArchConf #SoftArchConf
5. Monitoring WCF Services
• Post Factum
– Tracing
– Message logs
• Real-time
– Performance counters
– Event Tracing information
– Windows Management Instrumentation (WMI)
– Message sniffing tools
6. Tracing and WCF
• Various levels of tracing
– Critical (fatal exceptions)
– Error (any exception)
– Warning (limits reached)
– Information (basic monitoring)
– Verbose (everything)
• Can be used in clients and services
• End-to-End tracing for service chains
• Supports emitting custom tracing to the same file
8. Viewing Trace Logs with SvcTraceViewer
[Screenshot of the Service Trace Viewer: the left pane shows end-to-end activity tracing, the right pane shows additional information, including exceptions. Rows are colour-coded: informative (white), warnings (yellow), exceptions (red).]
9. End-To-End Tracing
• Each traced activity has an ID
• Activity ID can travel within the AppDomain
• WCF can propagate the ID to chained services
• Track processing and exceptions across services
• Use the service trace viewer to see the logs together
12. Tracing an Exception End-To-End
13. Tracing an Exception End-To-End
14. Adding Your Own Trace Messages
• Create your own trace source
• Use the same listener for both sources
• Use System.Diagnostics.TraceSource to log events
• You can also group events into a new activity

using System;
using System.Diagnostics;

// "MyTraceSource" must match the <source> name that is configured to share
// the System.ServiceModel listener
TraceSource ts = new TraceSource("MyTraceSource");
ts.TraceInformation("Doing some processing...");
if (needToThrowAnException)
{
    ts.TraceEvent(TraceEventType.Warning, 1, "Going to throw an exception!");
    throw new ArgumentException();
}
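The last bullet, grouping your own events into a new activity so that SvcTraceViewer shows them as a separate activity linked to the WCF activity that was current when the call arrived, is shown below as an added example; it is not the slide's code. The source name "MyTraceSource" is assumed to be configured in the <system.diagnostics> section with the same shared listener as System.ServiceModel; the class and method names are this example's own.

```csharp
using System;
using System.Diagnostics;

// Added example: custom trace events grouped into their own activity.
public static class OrderProcessing
{
    // Assumed to match the <source name="MyTraceSource"> entry that shares the
    // System.ServiceModel listener in the config file.
    private static readonly TraceSource Ts = new TraceSource("MyTraceSource", SourceLevels.All);

    public static void Process(bool needToThrowAnException)
    {
        Guid callerActivity = Trace.CorrelationManager.ActivityId;
        Guid ownActivity = Guid.NewGuid();

        // Transfer from the caller's activity to the new one, then start it.
        // The transfer record is what lets the viewer link the two activities.
        Ts.TraceTransfer(0, "Entering order processing", ownActivity);
        Trace.CorrelationManager.ActivityId = ownActivity;
        Ts.TraceEvent(TraceEventType.Start, 0, "Order processing");
        try
        {
            Ts.TraceInformation("Doing some processing...");
            if (needToThrowAnException)
            {
                Ts.TraceEvent(TraceEventType.Warning, 1, "Going to throw an exception!");
                throw new ArgumentException("Invalid order");
            }
        }
        catch (Exception ex)
        {
            // Recorded as an Error (red in the viewer) inside this activity,
            // before the exception propagates back into WCF's own activity.
            Ts.TraceEvent(TraceEventType.Error, 2, ex.ToString());
            throw;
        }
        finally
        {
            // Transfer back, stop the activity and restore the caller's ID.
            Ts.TraceTransfer(0, "Leaving order processing", callerActivity);
            Ts.TraceEvent(TraceEventType.Stop, 0, "Order processing");
            Trace.CorrelationManager.ActivityId = callerActivity;
            Ts.Flush();
        }
    }
}
```

The transfer/start/stop/transfer-back sequence mirrors what WCF itself emits, so the viewer renders the custom activity in the activity graph next to the service's activities instead of as loose events.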
16. WCF Message Logging
• Logs request and response messages
• Supports logging of sensitive information
– Entire message, including the body
– Decrypted messages (service level)
– Username and password (known PII)
• Use it cautiously
– Logging large content requires more time
– Be careful logging sensitive information
– If using IIS, don't expose it in a vdir
– Use ACLs on the log file
18. Viewing Messages in SvcTraceViewer
[Screenshot of the Service Trace Viewer showing a logged message: requests and responses, HTTP headers, SOAP headers, and the message body (when logging the entire message).]
19. Messages and Tracing Go Together!
• Combine message logging with tracing
• Get the whole picture
• Simply load both files into the same service trace viewer
20. Tracing – What the Heck is ETW?
• Event Tracing for Windows
• Fast tracing solution supplied by the operating system
• Kernel-mode logging mechanism
• Logging can be enabled/disabled at runtime
• Trace is logged to an in-memory buffer
• Buffers are written to the disk asynchronously
• Exists since Windows 2000!
• WCF uses ETW!! And so can you!!!
21. WCF Runtime Tracing in Three Steps
23. Enabling WMI
• WCF services can expose configuration information using WMI
• The WMI provider is turned off by default
24. Watch WMI Information
Use WMI tools to view information about a running service
25. Change Settings at Runtime with WMI
• WMI Admin Tools (http://bit.ly/wmiadmin)
(Requires running in IE9 Compatibility)
• PowerShell scripts with Get-WmiObject
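The same queries that PowerShell's Get-WmiObject issues against the WCF provider, done from C# with System.Management, as an added example that is not part of the slides. It assumes the inspected service runs on the same machine with wmiProviderEnabled="true" in its <diagnostics> element, that the code runs with administrative rights, and that the provider classes (Service, AppDomainInfo) and the writable TraceLevel property are as documented for the WCF WMI provider; the class and method names here are the example's own.

```csharp
using System;
using System.Management;   // add a reference to System.Management.dll

// Added example: read WCF runtime information and change a setting at runtime
// through the WCF WMI provider (namespace root\ServiceModel).
public static class WcfWmiAdmin
{
    private const string Scope = @"root\ServiceModel";

    // Dump every property of each object of a provider class, e.g. "Service",
    // "Endpoint" or "AppDomainInfo". Property names are taken from the objects
    // themselves, so nothing here depends on a particular framework version.
    public static void Dump(string className)
    {
        using (var searcher = new ManagementObjectSearcher(Scope, "SELECT * FROM " + className))
        using (ManagementObjectCollection results = searcher.Get())
        {
            foreach (ManagementObject item in results)
            {
                Console.WriteLine("[{0}]", className);
                foreach (PropertyData property in item.Properties)
                {
                    Console.WriteLine("  {0} = {1}", property.Name, property.Value);
                }
            }
        }
    }

    // Change the System.ServiceModel trace level of a running process without
    // restarting it. Level names follow SourceLevels ("Off", "Critical", "Error",
    // "Warning", "Information", "Verbose"). Returns the number of app domains updated.
    public static int SetTraceLevel(int processId, string level)
    {
        int updated = 0;
        string query = "SELECT * FROM AppDomainInfo WHERE ProcessId = " + processId;
        using (var searcher = new ManagementObjectSearcher(Scope, query))
        using (ManagementObjectCollection results = searcher.Get())
        {
            foreach (ManagementObject appDomain in results)
            {
                Console.WriteLine("{0}: TraceLevel {1} -> {2}",
                    appDomain["Name"], appDomain["TraceLevel"], level);
                appDomain["TraceLevel"] = level;   // assumed writable per provider docs
                appDomain.Put();                   // write the change back through the provider
                updated++;
            }
        }
        return updated;
    }

    public static void Main()
    {
        Dump("Service");
        Dump("AppDomainInfo");
        // Example: raise tracing on a process id obtained from the dump above.
        // SetTraceLevel(1234, "Warning");
    }
}
```

Because the provider lets anyone with WMI access in the root\ServiceModel namespace flip tracing and message logging on a live service, keep the provider disabled where it is not needed and restrict the namespace's security to administrators.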
27. Sniffing the Network
• Many applications can be used to monitor WCF communication
– Microsoft Network Monitor
– Wireshark
– HTTP Analyzer (HTTP only)
– Fiddler (HTTP only)
• Sniffing tools usually have problems listening to the loopback adapter (localhost)
28. Sniffing HTTP with Fiddler
• Content types
– XML
– JSON
– Binary Encoding
– Base64 Strings
– Gzip Compression
• Features
– Record & Replay
– Break & Change
– HTTPS Sniffing
31. Performance Counters
• WCF has a wide collection of performance counters
• Counters can be collected for a service, an endpoint, or a specific operation
33. To Create or Not To Create?
• When is a service instance created?
– Depends on the ServiceBehaviorAttribute
– Depends which binding you use
• What are my options?
– Per call
– Per session (default, if supported by the binding)
– Single instance
– Custom (implement the IInstanceProvider interface)
34. Pros and Cons of Instancing
• Per call
– Creating an instance is usually cheap
– Services should be stateless by design (better scalability)
– Instance is disposed when finished, no book keeping
– Performance hit when initialization requires time / memory / CPU
• Per session
– Save state between client calls
– One-time initialization, low performance hit
– Requires keeping instance alive
– Behaves badly when scaled
• Single
– Share global state without using static fields
– Reduces performance hit substantially when initialization is long
– Can lead to concurrency issues if state is shared
– Very problematic to scale (distributed state)
35. Opening the Throttle
• Service host defines throttling levels
– Max concurrent calls
– Max concurrent sessions to manage
– Max instances (running + idle sessions)
• WCF 3.5 defaults ≠ WCF 4/4.5 defaults
– WCF 3.5 – 16 calls, 10 sessions
– WCF 4+ – 16×Cores calls, 100×Cores sessions
• ServiceThrottling behavior controls the throttle
37. Instancing and Concurrency
• Can concurrent calls be executed using the same instance?
– Per call – no such scenario, each call has its instance
– Per session – a client can call multiple requests asynchronously
– Single – very probable, clients can call at the same time
• Which concurrency modes exist in WCF?
– Single. Only one thread can use the instance at a time
– Multiple. Many threads can use the instance at a time
• What is the default?
– Single – BEWARE !!
38. Concurrency Explained
• When an operation is executed within an instance, the instance gets locked
• While the instance is locked, no other thread can use the instance
• With multiple, no locks are used
[Diagram: Client A and Client B calling the same service instance]
39. What Can Possibly Happen?
• Single concurrency
– Requests will get synchronized
– Requests might reach timeout limits
• Multiple concurrency
– Concurrency issues in code
– End up using critical sections
– Critical sections will lead to synchronization
– Critical sections are hard to test
• Recommendations
– Prefer using Per-Call instancing
– Minimize the state managed by the instance
– Use thread-safe types in your state
40. Reentrant
Mixing Single and Multiple
• What if the running operation needs to call another service? Or invoke a callback in the client (duplex)?
• Instance is still locked, and won't handle other requests
• Such scenarios can even lead to deadlock (why?)
• Reentrant – releases the lock when an outgoing WCF call is detected
[Diagram: Client A and Client B calling the service while the service makes an outgoing call]
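The recommendations from slides 33 to 40 (per-call instancing, minimal instance state held in thread-safe types, an explicit concurrency mode, and an explicit throttle instead of the version-dependent defaults from slide 35) put together in one self-hosted service, as an added example that is not from the slides. The contract, service and base address are this example's own assumptions.

```csharp
using System;
using System.Collections.Concurrent;
using System.ServiceModel;
using System.ServiceModel.Description;

// Added example: instancing, concurrency and throttling chosen explicitly.
[ServiceContract]
public interface ICounterService
{
    [OperationContract]
    int Increment(string key);
}

// PerCall: a fresh instance per request, so nothing survives between calls and
// no two threads ever share an instance. ConcurrencyMode.Single is the default
// anyway; it is written out because it is the setting that serializes requests
// when an instance *is* shared (PerSession or Single instancing). A Single
// instance would need ConcurrencyMode.Multiple plus thread-safe state, and
// ConcurrencyMode.Reentrant if it calls back out to other services or clients.
[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerCall,
                 ConcurrencyMode = ConcurrencyMode.Single)]
public class CounterService : ICounterService
{
    // Shared state lives in a thread-safe type outside the instance, so the
    // service stays correct whichever instancing mode is configured later.
    private static readonly ConcurrentDictionary<string, int> Counters =
        new ConcurrentDictionary<string, int>(StringComparer.Ordinal);

    public int Increment(string key)
    {
        return Counters.AddOrUpdate(key, 1, (k, current) => current + 1);
    }
}

public static class CounterHost
{
    // Set the throttle in code rather than relying on framework defaults
    // (16 calls / 10 sessions in WCF 3.5; 16 x cores / 100 x cores in WCF 4+).
    public static ServiceHost Create(Uri baseAddress)
    {
        var host = new ServiceHost(typeof(CounterService), baseAddress);
        host.AddServiceEndpoint(typeof(ICounterService), new NetTcpBinding(), "counter");

        var throttle = host.Description.Behaviors.Find<ServiceThrottlingBehavior>();
        if (throttle == null)
        {
            throttle = new ServiceThrottlingBehavior();
            host.Description.Behaviors.Add(throttle);
        }
        int cores = Environment.ProcessorCount;
        throttle.MaxConcurrentCalls = 16 * cores;
        throttle.MaxConcurrentSessions = 100 * cores;
        // Instances = running calls + idle sessions, as on slide 35.
        throttle.MaxConcurrentInstances = throttle.MaxConcurrentCalls + throttle.MaxConcurrentSessions;
        return host;
    }

    public static void Main()
    {
        using (ServiceHost host = Create(new Uri("net.tcp://localhost:8731/")))   // assumed address
        {
            host.Open();
            Console.WriteLine("Listening; press Enter to stop.");
            Console.ReadLine();
        }
    }
}
```

Requests above MaxConcurrentCalls queue rather than fail, which is why the slide pairs the throttle with timeouts: a throttle that is too low surfaces as client-side timeouts, not as an error in the service.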
42. Handling Many Calls. How Many is Many?
• WCF uses the Thread Pool's I/O threads
• Default maximum number of threads – 1000
• You can increase the limit, is that wise?
• What if you have many lengthy operations?
• "I heard asynchronous service operations might help", indeed?
43. The Truth Behind Async Service Operations
• Async operations allow running our code on another thread, releasing the current thread back to the pool
• But isn't the other thread just another pooled thread?
• True for CPU work, not true for I/O work
• Use async operations only when doing lengthy I/O operations (disk, network, db)
• Use the async I/O method calls
– Stream.BeginRead, SqlCommand.BeginExecuteReader
• Using async operations for CPU intensive work may decrease performance (why?)
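An asynchronous operation that really does hand its wait to the kernel, as an added example not taken from the slides. It uses the WCF 4.5 Task-returning form (on WCF 4 the same operation would be a Begin/End pair with AsyncPattern = true, as the slide's Stream.BeginRead hint implies). The contract name, the base directory and the header size are assumptions of the example.

```csharp
using System;
using System.IO;
using System.ServiceModel;
using System.Threading.Tasks;

// Added example: a Task-based WCF 4.5 operation doing overlapped file I/O.
[ServiceContract]
public interface IFileHeaderService
{
    // WCF 4.5 dispatches a Task<T>-returning operation asynchronously: the
    // I/O thread goes back to the pool while the read is in flight.
    [OperationContract]
    Task<byte[]> ReadHeaderAsync(string fileName);
}

public class FileHeaderService : IFileHeaderService
{
    private const int HeaderSize = 512;
    private const string BaseDirectory = @"C:\data\exports";   // assumed location

    public async Task<byte[]> ReadHeaderAsync(string fileName)
    {
        // The name comes from the client: accept a bare file name only, so the
        // operation cannot be pointed at arbitrary paths on the host.
        if (string.IsNullOrEmpty(fileName) || Path.GetFileName(fileName) != fileName)
            throw new FaultException("A bare file name is required");
        string path = Path.Combine(BaseDirectory, fileName);

        // useAsync: true is what makes ReadAsync real overlapped I/O. Without it
        // FileStream runs a blocking Read on another pool thread, which is the
        // "just another pooled thread" case the slide warns about.
        using (var stream = new FileStream(path, FileMode.Open, FileAccess.Read,
                                           FileShare.Read, HeaderSize, useAsync: true))
        {
            var buffer = new byte[HeaderSize];
            int total = 0;
            // A single ReadAsync may return fewer bytes than requested.
            while (total < buffer.Length)
            {
                int n = await stream.ReadAsync(buffer, total, buffer.Length - total);
                if (n == 0) break;   // end of file
                total += n;
            }
            if (total == buffer.Length) return buffer;
            var header = new byte[total];
            Array.Copy(buffer, header, total);
            return header;
        }
    }
}
```

The throttle still counts the call while it is awaiting, so going async raises the number of operations in flight per thread, not the number of operations the throttle admits.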
44. Call to Action
The WCF Thread Pool Bug
• Increasing the min I/O threads helps dealing with bursts of requests
• In WCF 3.5 and WCF 4 there is a bug in the Thread Pool usage
• Under continuous load, the counter for available I/O threads starts to fake
• Result – WCF cannot scale fast enough to handle the burst, and requests get queued
45. Call to Action
The WCF Thread Pool Bug
• What to do? Change WCF to use worker threads
• http://bit.ly/wcf-threadpool-bug
• Resolved in WCF 4.5
• Worker threads also have a default maximum number of threads
– .NET 3.5 – 250 threads per core
– .NET 4 – 1023 threads (32-bit), or 32768 (64-bit)
46. Call to Action
TCP Port Sharing Bug
• WCF introduced port sharing for TCP
• Managed by a Windows Service (SMSvcHost.exe)
• IIS automatically uses port sharing for TCP endpoints
• WCF 4 has a known bug in the port sharing Windows service that can cause it to stop responding
• What to do? Install the hotfix!
• http://support.microsoft.com/kb/2536618
• To diagnose network errors, turn on tracing in the port sharing service (http://bit.ly/wcf-portsharing-trace)
48. Know Thy Settings – cont.
• Thread Pool
– Minimum settings – fast response for bursts
– Maximum settings – more concurrent calls
• IIS classic pipeline (system.web section)
– MinFreeThreads / MinLocalRequestFreeThreads (HttpRuntime)
– AutoConfig (ProcessModel, in machine.config)
• IIS Integrated mode
– MaxConcurrentRequestsPerCPU registry key: HKLM\SOFTWARE\Microsoft\ASP.NET\{FW}
– Application Pool's CLRConfigFile setting
49. Limits and Timeout Settings – cont.
• IIS/ASP.NET limitations
– ExecutionTimeout (in release mode)
– MaxRequestLength
• system.webServer | security | requestFiltering
– maxAllowedContentLength
• Outgoing HTTP communication
– System.Net.ServicePointManager.DefaultConnectionLimit
More information and workarounds in the following link: http://bit.ly/asp-iis-threading
50. And One Final Tip
52. Securing a Service
• Message Protection
– Integrity
– Confidentiality
• Authentication
– Client Authentication
– Service Authentication
• Authorization
– Role-based Authorization
– Claim-based Authorization
• Auditing
53. Transport Security
• With transport security, the operating system handles the protection of the channel
• Supported for HTTP (SSL over HTTPS), TCP, IPC, and MSMQ
• Requires a service certificate
• IIS is easy – assign certificate to HTTPS binding
• Self-hosting is less fun – need to use netsh
• Self-Signed certificates are no fun at all!!
54. How Secure Sockets Layer Works
1. Client requests a secured session
2. Server responds with an X.509 certificate
3. Client verifies the certificate's authenticity
4. Client sends a symmetric encryption key (encrypted with the server's public key)
5. Server decrypts the encryption key with its private key
6. Client and server exchange encrypted messages (encrypted with the symmetric key)
56. Message Security
• WCF handles everything
• Used by default in WsHttpBinding
• Secure the channel using either:
– Service Certificate
– Windows Identities (service + client)
• Certificate validation can be handled in code
– Change the CertificateValidationMode
– Create your own validation code
57. Service Authentication
• By default, WCF uses negotiation to authenticate the service against the client
• The implementation of WS-Trust is not fully interoperable (e.g. Java)
• If using non-WCF clients, turn off negotiation and use Out-of-Band (ahead of time) authentication
• In the binding configuration (service + client), set NegotiateServiceCredential to false
• In the client endpoint configuration, add the identity element and set the service's credentials
58. Steps for Out-of-Band Authentication
• Service Certificate
– Install the certificate on the client machine
– Set the client endpoint's identity to the certificate
• Windows Credentials
– If you use a system account (NetworkService, LocalSystem), the machine's Service Principal Name (SPN) is used
– If you use a domain account, register a new SPN in Active Directory, and set the SPN identity in the service endpoint
– Set the client endpoint's identity to the SPN
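The two out-of-band paths from slides 57 and 58 (negotiation off, identity set to either the service certificate or the SPN) together with the custom certificate validation mentioned on slide 56, written as client code instead of configuration. This is an added example, not from the slides; the IOrderService contract, class names and the certificate/SPN/address values passed in are its own assumptions, and the service's binding is assumed to carry the same NegotiateServiceCredential="false" setting.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// Added example: a client that authenticates the service out-of-band.
[ServiceContract]
public interface IOrderService
{
    [OperationContract]
    string Ping();
}

// Custom validation (CertificateValidationMode.Custom): accept only the one
// certificate installed on the client machine, by thumbprint, so a different
// certificate that merely chains to a trusted CA is still rejected.
public class PinnedCertificateValidator : X509CertificateValidator
{
    private readonly string expectedThumbprint;

    public PinnedCertificateValidator(string expectedThumbprint)
    {
        this.expectedThumbprint = expectedThumbprint;
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (!string.Equals(certificate.Thumbprint, expectedThumbprint, StringComparison.OrdinalIgnoreCase))
            throw new SecurityTokenValidationException("Unexpected service certificate: " + certificate.Subject);
    }
}

public static class OrderClient
{
    private static WSHttpBinding NoNegotiationBinding(MessageCredentialType clientCredential)
    {
        var binding = new WSHttpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = clientCredential;
        // No WS-Trust negotiation; the service must use the same value.
        binding.Security.Message.NegotiateServiceCredential = false;
        return binding;
    }

    // Path 1: the service certificate is installed ahead of time and is the
    // endpoint identity. The caller still has to set factory.Credentials.UserName.
    public static ChannelFactory<IOrderService> WithCertificate(Uri address, X509Certificate2 serviceCert)
    {
        EndpointIdentity identity = EndpointIdentity.CreateX509CertificateIdentity(serviceCert);
        var factory = new ChannelFactory<IOrderService>(
            NoNegotiationBinding(MessageCredentialType.UserName),
            new EndpointAddress(address, identity));

        X509CertificateRecipientClientCredential serviceCredential = factory.Credentials.ServiceCertificate;
        serviceCredential.DefaultCertificate = serviceCert;   // out-of-band: supplied, not negotiated
        serviceCredential.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
        serviceCredential.Authentication.CustomCertificateValidator =
            new PinnedCertificateValidator(serviceCert.Thumbprint);
        return factory;
    }

    // Path 2: Windows credentials with Kerberos used directly; the identity is
    // the SPN registered in Active Directory for the service account, e.g.
    // "host/server.example.com" (placeholder).
    public static ChannelFactory<IOrderService> WithSpn(Uri address, string spn)
    {
        EndpointIdentity identity = EndpointIdentity.CreateSpnIdentity(spn);
        return new ChannelFactory<IOrderService>(
            NoNegotiationBinding(MessageCredentialType.Windows),
            new EndpointAddress(address, identity));
    }
}
```

With negotiation off, a wrong identity fails at the first call rather than silently falling back, which is the behaviour you want when a non-WCF platform is on the other side.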
60. Impersonation
• A WCF service can impersonate the client's Windows identity
• Clients must use a domain account
• If the client is ASP.NET, the app pool must use a domain account, or also use impersonation
• Three ways to impersonate
– [OperationBehavior(Impersonation = ImpersonationOption.Required)]
– ServiceSecurityContext.Current.WindowsIdentity.Impersonate()
– <serviceAuthorization impersonateCallerForAllOperations="true"/>
61. Delegation
• Impersonating a client only works for one hop
– Access local resources and local services
• To call another hop you need delegation
– Access remote services, databases, and file shares
• Delegation requires enabling the account and the machine for delegation in the Active Directory
• Verify support for delegation in your service before you call out:
WindowsIdentity.ImpersonationLevel == TokenImpersonationLevel.Delegation
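The one-hop and two-hop cases from slides 60 and 61 side by side: declarative impersonation for a local resource, and explicit, scoped impersonation guarded by the delegation-level check for a remote file share, plus the client setting that allows the service to delegate at all. This is an added example, not from the slides; the IFileService contract, the class names and the assumption that the host account has been enabled for delegation in Active Directory are its own.

```csharp
using System;
using System.IO;
using System.Security.Principal;
using System.ServiceModel;

// Added example: impersonation for one hop, delegation check before a second hop.
[ServiceContract]
public interface IFileService
{
    [OperationContract]
    long GetLocalFileSize(string path);

    [OperationContract]
    long GetRemoteFileSize(string uncPath);
}

public class FileService : IFileService
{
    // One hop: the whole operation runs as the caller, so local ACLs are
    // evaluated against the client's identity rather than the host account's.
    [OperationBehavior(Impersonation = ImpersonationOption.Required)]
    public long GetLocalFileSize(string path)
    {
        return new FileInfo(path).Length;
    }

    // Two hops: impersonate only around the remote access, and refuse up front
    // if the token cannot be delegated. Without this check the file server sees
    // an anonymous token and the failure is far harder to diagnose.
    public long GetRemoteFileSize(string uncPath)
    {
        WindowsIdentity caller = ServiceSecurityContext.Current.WindowsIdentity;
        if (caller.ImpersonationLevel != TokenImpersonationLevel.Delegation)
        {
            throw new FaultException("Caller token is " + caller.ImpersonationLevel +
                                     "; delegation is required to reach a remote share");
        }
        using (WindowsImpersonationContext context = caller.Impersonate())
        {
            return new FileInfo(uncPath).Length;
        }   // Dispose reverts to the host identity even if FileInfo throws
    }
}

public static class FileClient
{
    public static ChannelFactory<IFileService> Create(Uri address)
    {
        var factory = new ChannelFactory<IFileService>(
            new NetTcpBinding(SecurityMode.Transport), new EndpointAddress(address));
        // The client decides the highest level the service may use with its
        // token; the default (Identification or Impersonation) blocks the second hop.
        factory.Credentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Delegation;
        return factory;
    }
}
```

Delegation is opt-in on three sides: the client allows it, Active Directory trusts the service account and machine for it, and the service checks it before calling out. Leaving any one of them at its default fails the second hop, which is the safe direction.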
64. The WCF Service Pipeline
[Diagram of the WCF service pipeline: messages enter through the channel stack (transport, encoder, protocol channels) into the channel dispatcher, pass the endpoint dispatcher and the dispatch runtime, and reach the dispatch operation, which invokes the service method on the service instance.]
65. The WCF Client Has a Pipeline Too
[Diagram of the WCF client pipeline: client code calls the client proxy; the client runtime and client operation (the operation method) hand the message to the client channel's channel stack (protocol channels, encoder, transport).]
66. Where Can We Interfere?
Where                        | What                          | One/Many | Client/Service
Channel Dispatcher           | Error Handler                 | Many     | Service
Channel Stack                | Message Encoder               | One      | Both
Endpoint Dispatcher          | Address Filter                | One      | Service
Endpoint Dispatcher          | Contract Filter               | One      | Service
Dispatch / Client Runtime    | Operation Selector            | One      | Service
Dispatch / Client Runtime    | Message Inspector             | Many     | Both
Dispatch Runtime             | Instance Context Initializer  | Many     | Service
Dispatch Runtime             | Instance Provider             | One      | Service
Dispatch / Client Operation  | Message Formatter             | One      | Both
Dispatch / Client Operation  | Parameter Inspector           | Many     | Both
Dispatch Operation           | Operation Invoker             | One      | Service
67. How Do We Interfere?
• Through Behaviors!
• Behaviors tune the WCF pipeline to your needs
• Write your own custom behavior
• Attach the behavior to the WCF pipeline
– Code (custom attribute)
– Configuration (add to the behaviors section)
68. Which Custom Behavior to Use?
• IServiceBehavior
– Implement as a custom attribute or a configuration element
– Apply behavior for service, channels, endpoints, and operations
• IEndpointBehavior
– Implement as a configuration element
– Apply behavior for specific endpoints and their operations
• IContractBehavior
– Implement as a custom attribute
– Apply behavior for specific contracts and their operations
• IOperationBehavior
– Implement as a custom attribute
– Apply behavior for specific operations
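One complete interference point from slides 66 to 68: an IEndpointBehavior, attached in code, that installs an IDispatchMessageInspector ("Many", "Both" in the table) which rejects requests lacking a required SOAP header before any service instance is created. This is an added example and not code from the slides; the header name and namespace, the class names and the BasicHttpBinding endpoint are the example's own choices.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.ServiceModel.Dispatcher;

// Added example: a custom endpoint behavior plugging a message inspector
// into the dispatch runtime.
public class RequiredHeaderInspector : IDispatchMessageInspector
{
    public const string HeaderName = "X-Client-App";           // assumed header
    public const string HeaderNamespace = "urn:example:headers";

    public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
    {
        int index = request.Headers.FindHeader(HeaderName, HeaderNamespace);
        if (index < 0)
        {
            // Throwing here turns into a SOAP fault; the operation never runs
            // and no per-call instance is created for the rejected request.
            throw new FaultException("Missing required header " + HeaderName);
        }
        string app = request.Headers.GetHeader<string>(index);
        // Whatever is returned comes back as correlationState in BeforeSendReply.
        return app;
    }

    public void BeforeSendReply(ref Message reply, object correlationState)
    {
        if (reply != null)   // null for one-way operations
        {
            reply.Headers.Add(MessageHeader.CreateHeader(HeaderName, HeaderNamespace, (string)correlationState));
        }
    }
}

public class RequiredHeaderBehavior : IEndpointBehavior
{
    public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters) { }
    public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime) { }
    public void Validate(ServiceEndpoint endpoint) { }

    public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
    {
        // MessageInspectors is a collection ("Many"): other inspectors can coexist.
        endpointDispatcher.DispatchRuntime.MessageInspectors.Add(new RequiredHeaderInspector());
    }
}

public static class HostSetup
{
    // Attached by code. The same class could be exposed to the <behaviors>
    // configuration section through a BehaviorExtensionElement.
    public static ServiceHost Create(Type serviceType, Type contractType, Uri baseAddress)
    {
        var host = new ServiceHost(serviceType, baseAddress);
        ServiceEndpoint endpoint = host.AddServiceEndpoint(contractType, new BasicHttpBinding(), "");
        endpoint.Behaviors.Add(new RequiredHeaderBehavior());   // endpoint.EndpointBehaviors in WCF 4.5
        return host;
    }
}
```

Because the check runs in the dispatch runtime, it applies to every operation of the endpoint and is invisible to the service implementation; a contract or operation behavior would narrow the scope to the rows further down the table.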
70. Summary
• WCF has many hidden gems
• WCF has at least as many unknowns
• No course or lecture can replace experience
• Perhaps now it will be easier to connect the dots
71. What’s New in WCF 4.5
Ido Flatow, Senior Architect
Sela Group
72. Resources
• Sites, forums, and blogs
– WCF Developer Center
msdn.microsoft.com/en-us/library/dd456779.aspx
– MSDN’s WCF Forum
social.msdn.microsoft.com/Forums/en/wcf
– Blogs about WCF
blogs.msdn.com/b/carlosfigueira
blogs.msdn.com/b/endpoint
blogs.msdn.com/b/drnick
– Many WCF code samples
bit.ly/wcf-wf-samples
• Presentation & code samples
– sdrv.ms/1a6RyB5
• My Info
– blogs.microsoft.co.il/blogs/idof
– idof@sela.co.il
– @IdoFlatow
73. Why Not Ditch WCF and Switch to Web API?
One Slide about ASP.NET Web API
• WCF supports non-HTTP bindings, such as TCP and Named Pipes
• WCF supports message patterns, such as one-way and message queue
• WS-* adds infrastructure features such as reliable sessions, message security, and transactions
• SOAP-based services support detailed description of the service with WSDL
More on WCF and ASP.NET Web API history: http://bit.ly/wcf-vs-webapi
Editor's Notes

The CLR has a bug in the I/O thread pool. If the service needs to handle lots of calls, the SynchronizationContext should be changed to use worker threads instead of I/O threads: http://blogs.msdn.com/b/dmetzgar/archive/2011/05/04/wcf-scales-up-slowly-with-bursts-of-work.aspx

WCF operations are executed on managed I/O threads. When using an async operation, the I/O thread is returned to the pool. The call is still counted – you cannot handle more operations than defined by the throttling. An I/O thread that was returned to the pool can be used for other incoming operations. If you use a new worker thread for lengthy operations, you just replace I/O threads with worker threads, and the context switch will only harm performance. If you use an IOCP operation (waiting on kernel I/O), you actually use fewer managed threads. Benefits: more I/O threads are available for other operations (if the number of operations exceeds the max I/O threads) – this is usually not the case; fewer I/O threads need to be kept alive in the pool – good for preserving memory consumption; if using IIS, this also decreases the number of managed worker threads used by IIS – relevant to .NET 3.5 only, because in .NET 4 IIS worker threads are async.

SSL (Secure Sockets Layer) allows the creation of secured transport channels between clients and servers. When a client asks a service to start a secured session (step 1), the server responds by sending its X.509 certificate (step 2). The certificate holds information about the server and about the issuing CA. The client validates the certificate, and verifies that the server is who it says it is (step 3). After validating the certificate, the client generates and sends a random symmetric key that will be used for the secured session (step 4). The client places the key in a message, and encrypts it with the server's public key, which the client received in the certificate. Public key encryption can only be decrypted by the private key, which only the server has (step 5). After the server decrypts the message and retrieves the key, both client and server use the symmetric encryption key to exchange messages (step 6). The symmetric key is used for both the encryption and decryption of messages.